Hi Richard,
On 20/07/16 17:14, Richard Levitte via RT wrote:
On Mon Jul 11 11:34:35 2016, mattias.ell...@physics.uu.se wrote:
I guess having a more restrictive accessor that only sets the
EXFLAG_PROXY bit could work. I suggested the more general solution of
having set/clear accessors for arbitrary flags since it was - well
more
general.
So let me ask this in a different manner, does OpenSSL 1.1 still not set the
EXFLAG_PROXY flag correctly? In what situations does that happen? That may be
worth a bug report of its own.
this ties into my earlier question and example of verifying proxy
certificates. What if I want to explicitly *set* the EXFLAG_PROXY for a
stack of certificates? how would I do that? how can I ensure that
OpenSSL 1.1 will automagically trigger this flag for me? Is there a
'get_*' function to determine which flags were set during certificate
verification?
thanks for any pointers or advice,
JJK / Jan Just Keijser
